package com.example.springsecurity.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @program: spring-security
 * @description: 自定义适配器
 * @author: XianJin.Lu
 * @create: 2021-08-10 16:46
 **/

@Configuration
public class SecurityConfig  extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                //自定义登录界面
                .loginPage("/login.html")

                //这个必须和表单提交的一样
                   .loginProcessingUrl("/denglu")

                //登录失败
            .failureForwardUrl("/toError");



        http.authorizeRequests()
                //所有请求都必须认证才能访问,必须登录   但是要排除登录相关界面
                .antMatchers("/login.html","/error.html").permitAll()
                .antMatchers("/css/**","/js/**").permitAll()
                //角色控制   注意不用加ROLE
                .antMatchers("/juese.html").hasRole("abc")
                //权限控制
                .antMatchers("/quanxian.html").hasAuthority("user")
                  .anyRequest().authenticated();




                //关闭csrf防护
        http.csrf().disable();

    }

                //将PasswordEncoder   的实现类   交给spring容器管理
    @Bean
    public PasswordEncoder  getPw(){
        return new BCryptPasswordEncoder();
    }

}
